Auth rework #953

Merged
merged 123 commits into from
Dec 17, 2024

Conversation

FancMa01
Collaborator

Description

Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change.

Fixes # (issue)

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Vulnerability fix (package bumps or CodeQL adjustments to ensure code security)
  • This change requires a documentation update

Developer Checklist:

  • I have commented my code, particularly in hard-to-understand areas
  • I have resolved any conflicts with the branch I am attempting to merge to.
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules
  • I have checked my code and corrected any misspellings
  • I have ensured that my code does not unnecessarily duplicate existing code
  • I have ensured that all security checks have been passed
  • All input boxes have sensible character limits applied
  • Refreshing related pages puts page in a workable and sensible state

Reviewer Checklist

  • I have pulled the branch into my local environment and started the project successfully
  • I have reviewed the code for proper comments and misspellings
  • All input boxes have sensible character limits applied
  • Refreshing related pages puts page in a workable and sensible state
  • Submitting any relevant Forms relays proper messaging to user
  • I have checked that all security checks have been passed
  • I have checked that all backend routes have proper validation

ydahal1 and others added 30 commits September 16, 2024 16:51
* Remove existing manual login/logout code for fresh start

* save progress

* introduce new login

introduce login/register, basic layout component.

Able to be accessed by /login and /register respectively.

Will need to rework login and load order and such later

* Max characters applied

* update look and feel

* Further css adjustments

* give new-password so autocomplete doesn't happen

* added autoComplete off in login page as well

---------

Co-authored-by: yadhap Dahal <[email protected]>
…tiy functions. Modified RoleTypes, UserRoles model, added migration file and model for refresh_token
Added registration and login routes, middlewares, controllers and util…
* Remove existing manual login/logout code for fresh start

* save progress

* introduce new login

introduce login/register, basic layout component.

Able to be accessed by /login and /register respectively.

Will need to rework login and load order and such later

* Max characters applied

* update look and feel

* Further css adjustments

* give new-password so autocomplete doesn't happen

* added autoComplete off in login page as well

* add forgot password, password complexity validator, reset password

---------

Co-authored-by: yadhap Dahal <[email protected]>
* Remove existing manual login/logout code for fresh start

* save progress

* introduce new login

introduce login/register, basic layout component.

Able to be accessed by /login and /register respectively.

Will need to rework login and load order and such later

* Max characters applied

* update look and feel

* Further css adjustments

* give new-password so autocomplete doesn't happen

* added autoComplete off in login page as well

* add forgot password, password complexity validator, reset password

* remove i18n and language switcher

* adjust footer

* add comment

* home css and structure adjustments

* rename css class

---------

Co-authored-by: yadhap Dahal <[email protected]>
…ock data with a dedicated test database for more accurate unit tests. Implemented end-to-end route tests for authentication and user routes.
Refactored testing environment to mirror production setup.
* create my account page

* Adjust look and feel

Change password replaces logout in top left, one form for displaying and editing information.
* create my account page

* Initial Framework

Still need to add Modals and functionality, but waiting on wiring basic flow first so we can have real data to test with.

* save
additional auth routes and session mgmt routes
FancMa01 and others added 15 commits October 25, 2024 14:49
…gistered-user

Yadhap/verify email self registered user
* bug fixes for application creation/deletion/switching for left nav and application screens

* remove console logs

* remove unused functions from application screen

* Save Progress

* fixes

* Update Backend.js

* Fix Header for stability

* save progress

* Update to control reader disabled

* Update to allow user to logout no matter what

* Allow user to update their own account and create allowed resource list

* Handle login invalid values

* 403 fallback page

* save

* fix spelling error

* fix spelling

* Patch to not show owner/admin no route access and also fix authController to return user roles and applications on verify email login

* Add more conditionals
* Model and Migration

* Routes, Controllers, Middleware for instance settings
* bug fixes for application creation/deletion/switching for left nav and application screens

* remove console logs

* remove unused functions from application screen

* Save Progress

* fixes

* Update Backend.js

* Fix Header for stability

* save progress

* Update to control reader disabled

* Update to allow user to logout no matter what

* Allow user to update their own account and create allowed resource list

* Handle login invalid values

* 403 fallback page

* save

* save

* Model and Migration

* Routes, Controllers, Middleware for instance settings

* save

* save progress

* save

* finish

* Update error message

* Changed Steps on Start up Wizard to horizontal

---------

Co-authored-by: yadhap Dahal <[email protected]>
* bug fixes for application creation/deletion/switching for left nav and application screens

* remove console logs

* remove unused functions from application screen

* Save Progress

* fixes

* Update Backend.js

* Fix Header for stability

* save progress

* Update to control reader disabled

* Update to allow user to logout no matter what

* Allow user to update their own account and create allowed resource list

* Handle login invalid values

* 403 fallback page

* save

* save

* Model and Migration

* Routes, Controllers, Middleware for instance settings

* save

* save progress

* save

* finish

* request access route

* Only Owners or Admins should see tours

* Finish notification

* remove extra  /
…es in front end so the front end gets right kind of code from Azure before sending to backend
Added login/register with azure option in the back end and made chang…
* Oauth2 front end

* wire front and backend azure login

* Show/hide traditional

* small bug fix to prevent multiple logins from being fired

* Fixed login loop that occurred when MS login failed. Also fixed issue where the roles and applications for newly created azure user was coming back undefined

---------

Co-authored-by: yadhap Dahal <[email protected]>
* Remove unused packages

* Bug Fixes for left nav, constraints, and consumers
* Remove unused packages

* Bug Fixes for left nav, constraints, and consumers

* updates

* Users Page and various docs updates

* adjustments
* Fix user registration to not show success unless error message is shown and remove duplicate create basic user route

* Set width of all components to 40rem for login for consistency

* hide change password method for microsoft accounts
* centralize getting and setting user functions

* Small Patch to Login

Fixes Logging in when user attempts to log in with basic auth when they are registered to an Azure Account
FancMa01 and others added 3 commits December 3, 2024 09:34
* centralize getting and setting user functions

* Small Patch to Login

Fixes Logging in when user attempts to log in with basic auth when they are registered to an Azure Account

* Finalize cookie transition for tokens

Move to http cookies rather than storing access token in local storage.

* Centralize token setting to a function

Centralize repeated code to one location for ease of managing

* remove unused code
* centralize getting and setting user functions

* Small Patch to Login

Fixes Logging in when user attempts to log in with basic auth when they are registered to an Azure Account

* Finalize cookie transition for tokens

Move to http cookies rather than storing access token in local storage.

* Centralize token setting to a function

Centralize repeated code to one location for ease of managing

* remove unused code
Tombolo/server/server.js Dismissed
FancMa01 and others added 7 commits December 10, 2024 16:57
* centralize getting and setting user functions

* Small Patch to Login

Fixes Logging in when user attempts to log in with basic auth when they are registered to an Azure Account

* Finalize cookie transition for tokens

Move to http cookies rather than storing access token in local storage.

* Centralize token setting to a function

Centralize repeated code to one location for ease of managing

* remove unused code

* save progress

* save

* Naive Double Cookie CSRF Protection Finished

* Update middleware to reflect production env variable code

* Add in prod vs dev code

* Make csrf cookie only valid for 15 minutes
* finish double signed CSRF implementation

* remove local storage necessity
this.props code was leftover despite the rework into a functional component. Repaired the errors from this
@FancMa01 FancMa01 merged commit d82a0ed into dev Dec 17, 2024
2 checks passed
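
The final commits above move the access token from local storage into an HTTP cookie and add a signed double-submit CSRF cookie that is valid for 15 minutes. The following is an added example of how such a scheme can be built in Node.js; it is not code from this pull request, and the cookie names (`token`, `csrf`), the session binding and the `nonce.expiry.mac` token layout are assumptions.

```javascript
// Added example, not this project's code. Cookie names and token layout are assumptions.
const crypto = require('node:crypto');

const CSRF_TTL_MS = 15 * 60 * 1000;      // 15-minute lifetime, as in the commit message
const SECRET = crypto.randomBytes(32);   // assumption: a real server loads this from config

const hmac = (data, key) =>
  crypto.createHmac('sha256', key).update(data).digest('base64url');

// Constant-time string comparison that tolerates different lengths.
function safeEqual(a, b) {
  const x = Buffer.from(a), y = Buffer.from(b);
  return x.length === y.length && crypto.timingSafeEqual(x, y);
}

// Token layout (assumed): nonce.expiry.mac, with the MAC bound to the session id.
function issueCsrfToken(sessionId, now = Date.now(), key = SECRET) {
  const nonce = crypto.randomBytes(16).toString('base64url');
  const expires = String(now + CSRF_TTL_MS);
  return `${nonce}.${expires}.${hmac(`${sessionId}.${nonce}.${expires}`, key)}`;
}

// Returns 'ok' or the reason the request must be rejected.
function verifyCsrf(sessionId, cookieToken, headerToken, now = Date.now(), key = SECRET) {
  if (typeof cookieToken !== 'string' || typeof headerToken !== 'string') return 'missing';
  // Double submit: the value echoed in the header must equal the cookie.
  if (!safeEqual(cookieToken, headerToken)) return 'mismatch';
  const parts = cookieToken.split('.');
  if (parts.length !== 3) return 'malformed';
  const [nonce, expires, mac] = parts;
  // The signature is what a naive double cookie lacks: a cookie this server
  // did not issue, or one issued for another session, does not verify.
  if (!safeEqual(mac, hmac(`${sessionId}.${nonce}.${expires}`, key))) return 'bad-signature';
  if (!/^\d+$/.test(expires) || Number(expires) <= now) return 'expired';
  return 'ok';
}

// The access token is HttpOnly; the CSRF cookie must stay script-readable so
// the client can copy it into a request header.
function setCookieHeaders(accessToken, csrfToken) {
  return [
    `token=${accessToken}; HttpOnly; Secure; SameSite=Strict; Path=/`,
    `csrf=${csrfToken}; Secure; SameSite=Strict; Path=/; Max-Age=${CSRF_TTL_MS / 1000}`,
  ];
}
```

The signature and expiry are checked on the server on every state-changing request; the cookie's `Max-Age` alone only limits how long the browser keeps the value.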